Data Tsunami: Coupang's Breach Affects 34 Million Customers in South Korea
South Korea’s largest e-commerce platform, Coupang, is in hot water after a massive data breach that could impact nearly 34 million customer accounts. The breach, reported by the country’s internet authorities, revealed alarming exposures in a time when such incidents are becoming alarmingly routine. Coupang, often likened to Amazon, initially reported that 4,500 accounts were compromised but later discovered the full scope of the breach involved nearly all its local accounts.
The breach is believed to have begun as early as June, originating from a server stationed overseas. Thankfully, sensitive information such as credit card data and login credentials were not leaked, leaving exposed data limited to names, email addresses, phone numbers, and shipping details. However, the sheer scale of exposure—impacting more than half of South Korea’s 52 million population—is staggering and raises significant concerns about cybersecurity in the nation.
Coupang has issued an apology and urged customers to be vigilant against potential scams that may arise as a result of the breach. Both the Ministry of Science and ICT and other authorities are investigating the lapse and whether Coupang adhered to data protection laws. Speculations point toward a former employee as a potential perpetrator.
Despite South Korea’s image as a leader in data privacy, the breach adds to a troubling list of similar incidents in recent months, including a $100 million fine against SK Telecom for a separate data leak affecting over 20 million subscribers. Prominent local media and organizations have criticized Coupang’s failure to prevent the breach, calling it potentially the worst data leak in Korean history. The Chosun Ilbo declared it as preposterous, demanding stronger regulations to protect customer data.
This incident has cast a dark shadow over the country’s cybersecurity measures and highlights the pressing need for robust data protection protocols in the face of rising cyber threats.